Anthropic says Project Glasswing has already used Claude Mythos Preview to identify more than 10,000 high- or critical-severity vulnerabilities across some of the world’s most important software. The company is now framing the problem less as one of bug discovery and more as one of verification, disclosure, and patching capacity.

That is the central message in Anthropic’s initial Glasswing update. The company says roughly 50 partners have been using the unreleased Mythos Preview model since the program launched last month, with some partners reporting that their rate of bug finding has increased more than tenfold.

The Bottleneck Has Moved To Patching

Project Glasswing was introduced as a defensive effort to secure critical software before advanced AI models make vulnerability discovery easier to scale. Anthropic’s latest update suggests that the defensive side is already seeing the same scale problem it fears from attackers: AI can find more issues than human teams can quickly validate and fix.

Related: Anthropic Unveils Project Glasswing to Put Frontier AI on Cyber Defense Duty

The numbers are striking. Anthropic says Cloudflare found 2,000 bugs across critical-path systems, including 400 high- or critical-severity issues, while Mozilla found and fixed 271 vulnerabilities in Firefox 150 during Mythos Preview testing. Other partners, including Palo Alto Networks, Microsoft, and Oracle, are described as shipping larger or faster patch volumes as AI-assisted security work expands.

Anthropic is careful not to disclose many technical details yet because of coordinated vulnerability disclosure timelines. The company points to its Coordinated Vulnerability Disclosure policy and says more detail will come once patches are widely deployed. That caution matters because the same AI capability that helps defenders find flaws can also reduce the work required for attackers to exploit them.

Open Source Is Feeling The Pressure

Anthropic says it has also used Mythos Preview to scan more than 1,000 open-source projects that underpin large parts of the internet and its own infrastructure. Across those projects, the model estimated 23,019 vulnerabilities in total, including 6,202 it rated high or critical.

After triage by external security research firms and Anthropic’s own reviewers, 1,752 high- or critical-rated findings have been assessed so far. Of those, 90.6% were found to be valid true positives, while 62.4% were confirmed as high or critical severity. Anthropic says that at current true-positive rates, Mythos Preview is on track to surface nearly 3,900 high- or critical-severity open-source vulnerabilities even if it finds no more.

Dashboard showing Anthropic's open-source vulnerability disclosure pipeline for Project Glasswing. Source: Anthropic

One example is CVE-2026-5194, a now-patched wolfSSL vulnerability that Anthropic says Mythos Preview detected. According to Anthropic, the model constructed an exploit that could allow certificate forgery. The company says a fuller technical analysis is coming, while wolfSSL has also published its own account of how Claude Mythos Preview helped harden wolfSSL.

The open-source workflow shows why the discovery boom is complicated. Maintainers already face low-quality AI-generated bug reports, and Anthropic says some have asked the company to slow disclosure because they need more time to design patches. On average, the company says a high- or critical-severity bug found by Mythos Preview takes about two weeks to patch.

AI Security Models Are Moving Toward Wider Use

Anthropic is not releasing Mythos-class models broadly yet. The company says no lab, including Anthropic, currently has safeguards strong enough to prevent such systems from being misused at public scale. Still, it is moving related tools into more accessible channels for defenders.

Claude Security is now in public beta for Claude Enterprise customers, and Anthropic says Claude Opus 4.7 has been used to patch more than 2,100 vulnerabilities in the three weeks since launch. The company is also making some of the tooling used by Project Glasswing partners available to qualifying security teams, including scanning skills, a codebase mapping harness, and a threat model builder.

That sits alongside a broader push to strengthen the security ecosystem. Anthropic points to its work with OpenSSF’s Alpha-Omega project, support for exploit capability benchmarks such as ExploitBench and ExploitGym, and Cisco’s open-sourced Foundry Security Spec.

The practical advice for defenders is not new, but it is becoming more urgent. Anthropic points to controls from the NIST Cybersecurity Framework and the UK’s National Cyber Security Centre guidance: shorten patch cycles, make updates easier to deploy, enforce multi-factor authentication, harden default configurations, and keep logs that support detection and response.

Glasswing Shows The Risk Of An Interim Period

The important idea in Anthropic’s update is that AI-enabled vulnerability discovery may improve faster than the institutions around disclosure and patching. That creates an interim risk window: defenders can find more flaws, but attackers may soon be able to do the same, while many organizations still patch slowly.

Anthropic says it plans to expand Project Glasswing with critical partners, including US and allied governments, while continuing work on stronger safeguards before a general Mythos-class release. It is also pointing maintainers toward Claude for Open Source as part of its support package.

The company is making an ambitious claim: that powerful cyber-capable AI can give defenders an asymmetric advantage before the same class of systems becomes more widely available. The early numbers make that claim harder to ignore, but they also expose the hard part ahead. Finding the vulnerabilities is becoming easier. Making the software ecosystem safer now depends on whether humans, institutions, and patch pipelines can move fast enough.

Comments

No comments yet. Be the first to share your thoughts.

or to leave a comment.